zloader | 92819abc5959ef5dcdec4ad5ffc638e8492d0deec4569fc9cef2501adec5474a | Triage

Sharing

General

Target

92819abc5959ef5dcdec4ad5ffc638e8492d0deec4569fc9cef2501adec5474a
Size

276KB
Sample

220201-fp1nnshafk
MD5

bbfa105715b98f8de465c8afcb4130ef
SHA1

b73c7aed91aa18f558b1a9a378fea4e5535bdf4c
SHA256

92819abc5959ef5dcdec4ad5ffc638e8492d0deec4569fc9cef2501adec5474a
SHA512

ca8279c7b22805a19a02ea7a2793db800b987f9554233df2a709a3c136c8cf89c8c6d6944b05c5f09d0e39628ce39fd43a2861c83772a1cd2a9205401a3c214d

Score

10^/10

zloader 25/03 botnet trojan

Malware Config

Extracted

Family

zloader

Botnet

25/03

C2

https://wgyvjbse.pw/milagrecf.php

https://botiq.xyz/milagrecf.php

Attributes

build_id
103

rc4.plain

Targets

- Target
  
  92819abc5959ef5dcdec4ad5ffc638e8492d0deec4569fc9cef2501adec5474a
- Size
  
  276KB
- MD5
  
  bbfa105715b98f8de465c8afcb4130ef
- SHA1
  
  b73c7aed91aa18f558b1a9a378fea4e5535bdf4c
- SHA256
  
  92819abc5959ef5dcdec4ad5ffc638e8492d0deec4569fc9cef2501adec5474a
- SHA512
  
  ca8279c7b22805a19a02ea7a2793db800b987f9554233df2a709a3c136c8cf89c8c6d6944b05c5f09d0e39628ce39fd43a2861c83772a1cd2a9205401a3c214d
Score

10^/10

zloader 25/03 botnet trojan
- Zloader, Terdot, DELoader, ZeusSphinx
  Zloader is a malware strain that was initially discovered back in August 2015.
  trojan botnet zloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

zloader25/03botnettrojan

behavioral2